Firewall Rules possible bug?



  • Hi, I have just set up my third pfSense box and I am trying 1.21 this time. My setup consists of the following:
    WAN  192.168.1.100/24
    LAN    160.220.200.254/24
    OPT1  192.168.3.254/24
    OPT2  192.168.4.254/24

    My problem is I have created firewall rules on OPT1 & OPT2 to stop anyone from accessing the LAN, using protocol any and block LAN address, which works great. However, I also need to block OPT2 from accessing OPT1. As soon as I add an identical rule with block OPT1 address and apply the settings, I am still able to access OPT1; this also cancels the first rule, allowing you to also gain access to the LAN.

    I have rebooted the unit, reinstalled and started from scratch to no effect. Is this a configuration issue / limitation or a possible bug?

    Cheers  ???



  • Try Diagnostics -> States -> Reset state
    It's easier to help if you post your rules (Screengrab, a Firefox add-on).



  • Hi, thanks for the reply. I have now reset the states and it has had no effect at all. I have also deleted the rules and recreated them, complete with a restart :-[

    I will attach a screenshot later with the two firewall rules.

    Cheers,



  • Hi, I have attached a screenshot for the rule that is blocking access from OPT2 (Guests) onto my LAN. I also have an identical rule created that is blocking access to OPT1 (LAN2). Either rule created on its own works and blocks the defined network; when both are created and activated, you are then able to access both my LAN and LAN2.

    cheers, ???




  • You want to block the LAN subnet and not the LAN address
    http://doc.m0n0.ch/handbook-single/#id11642030



  • Got it all working, cheers Perry. I have attached a screenshot of the rules.

    ;D




  • You could also create an alias which contains both your LAN1 and LAN2.
    Then use this alias in your second rule (allow anything whose destination is NOT the alias).
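
Added example, not part of the thread and not pfSense code: a small first-match model of the OPT2 rule tab, built from the interface addresses in the first post, comparing a block on "LAN address" / "OPT1 address" with a block on the subnets and with the alias rule from the last reply. The host IPs, the trailing pass-any rule and all helper names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Interface addresses as given in the first post.
IFACES = {
    "LAN": ipaddress.ip_interface("160.220.200.254/24"),
    "OPT1": ipaddress.ip_interface("192.168.3.254/24"),
    "OPT2": ipaddress.ip_interface("192.168.4.254/24"),
}
ANY = [ipaddress.ip_network("0.0.0.0/0")]

def address(name):
    """'<IF> address': only the firewall's own IP on that interface."""
    return [ipaddress.ip_network(f"{IFACES[name].ip}/32")]

def subnet(name):
    """'<IF> subnet': every host on the network behind that interface."""
    return [IFACES[name].network]

@dataclass
class Rule:
    action: str           # "pass" or "block"
    dst: list             # destination networks
    negate: bool = False  # the "not" checkbox on the destination

def evaluate(rules, dst_ip):
    """First matching rule wins; nothing matching means default deny."""
    ip = ipaddress.ip_address(dst_ip)
    for rule in rules:
        hit = any(ip in net for net in rule.dst)
        if hit != rule.negate:
            return rule.action
    return "block"

# Rules on the OPT2 tab. The final pass-any rule is assumed (guest internet access).
AS_POSTED = [Rule("block", address("LAN")), Rule("block", address("OPT1")), Rule("pass", ANY)]
FIXED = [Rule("block", subnet("LAN")), Rule("block", subnet("OPT1")), Rule("pass", ANY)]
ALIAS = [Rule("pass", subnet("LAN") + subnet("OPT1"), negate=True)]

# Constructed destinations: a LAN host, an OPT1 host, an internet host.
HOSTS = {"lan_host": "160.220.200.10", "opt1_host": "192.168.3.10", "internet": "203.0.113.5"}

def verdicts(rules):
    return {name: evaluate(rules, ip) for name, ip in HOSTS.items()}

if __name__ == "__main__":
    for label, rules in (("address", AS_POSTED), ("subnet", FIXED), ("alias", ALIAS)):
        print(label, verdicts(rules))
```
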

